Server data from the Official MCP Registry
Avito API MCP for AI agents — 148 tools, safe-by-default, stdio or remote HTTP (OAuth 2.1).
Avito API MCP for AI agents — 148 tools, safe-by-default, stdio or remote HTTP (OAuth 2.1).
avito-mcp is a well-architected MCP server with comprehensive safety features, proper authentication via OAuth 2.1, and careful permission scoping. The codebase demonstrates strong security practices including dry-run modes, idempotency keys, structured error handling, and a three-layer safety model. No critical vulnerabilities or malicious patterns detected. Minor findings relate to code quality (broad exception handling, logging concerns) but do not impact the overall security posture. Supply chain analysis found 1 known vulnerability in dependencies (0 critical, 1 high severity). Package verification found 1 issue.
3 files analyzed · 5 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: Client_id
Environment variable: Client_secret
Environment variable: Profile_id
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-elchin92-avito-mcp": {
"env": {
"Client_id": "your-client-id-here",
"Profile_id": "your-profile-id-here",
"Client_secret": "your-client-secret-here"
},
"args": [
"-y",
"avito-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
Give your AI agents hands and feet on Avito. An MCP server that lets Claude, Cursor, Cline and any other AI assistant do real work on Avito for you — answer customers, manage listings, run promotions, fulfil orders, analyse stats. 138 Swagger endpoint tools + 3 local/convenience tools + 7 meta tools = up to 148 MCP tools across 18 official Avito APIs. Runs locally over stdio or as a shared remote MCP over HTTP (OAuth 2.1), with a built-in webhook receiver for real-time chat events. One
npxcommand to install.
🇷🇺 Русская версия / Russian version →
New in v1.2.0 — full security and contract hardening: account-bound tokens, mutation-safe retries, strict OAuth scope/resource and session ownership, operator-locked webhooks, race-safe confirmation/idempotency, descriptor-safe uploads, bounded response/state stores, all-source coverage, and generated OpenAPI contract checks for all 138 endpoint wrappers. See the CHANGELOG for migration notes.
Avito is Russia's largest classifieds marketplace (~250M monthly visits). Selling there involves dozens of repetitive operations every day: replying in chats, refreshing listings, applying paid promotion, generating shipping labels, watching stats.
avito-mcp exposes every public Avito API as a tool your AI agent can call. Plug it into your favourite MCP client and your agent can run an entire Avito storefront — autonomously — from natural language.
npx -y avito-mcp, no clone/build, no Docker1. Get OAuth credentials from the Avito Developer Portal: Client_id, Client_secret, and your Profile_id (your numeric account ID, shown on the same page).
2. Add this snippet to your MCP client's config (the JSON is the same for every client — only the file path differs, see Connect your AI client):
{
"mcpServers": {
"avito": {
"command": "npx",
"args": ["-y", "avito-mcp"],
"env": {
"Client_id": "YOUR_CLIENT_ID",
"Client_secret": "YOUR_CLIENT_SECRET",
"Profile_id": "YOUR_PROFILE_ID"
}
}
}
}
3. Restart your client. Ask your agent:
"What's my Avito balance and how many unread chats do I have?"
Done. Two API calls, real answer.
Most MCP servers are designed to be called by hand from a chat window. avito-mcp is designed to be left running — picked up by multi-agent runtimes and scheduled agents that operate without you watching.
Typical deployment patterns:
AVITO_MCP_ALLOW_TOOLS / safety modes).The stdio transport keeps every credential and API response on your machine. No proxy. No SaaS in the middle.
→ See the full list of compatible runtimes at modelcontextprotocol.io/clients.
| Configuration | Tools visible |
|---|---|
Default (AVITO_MCP_MODE=full_access, no opt-ins) | 144 |
+ AVITO_MCP_EXPOSE_AUTH_TOOLS=1 | 147 (+3 auth) |
+ AVITO_MCP_ALLOWED_UPLOAD_DIRS=… | 145 (+1 upload) |
| + Both opt-ins | 148 |
AVITO_MCP_CONFIRMATION_MODE=off | −3 (hides meta_*_action) |
AVITO_MCP_MODE=read_only | 80 (only risk=read) |
AVITO_MCP_MODE=guarded | 120 (read + write; hides money/public) |
138 tools map one-to-one to bundled Swagger operations, 3 are local/convenience tools, and 7 are meta tools — meta_get_rate_limits, three meta_*_action tools for the confirmation flow, plus meta_health, meta_auth_status and meta_capabilities for introspection. The authoritative, active-policy inventory lives in dist/manifest.json (regenerate with npm run generate:manifest).
Every public endpoint from Avito's 18 OpenAPI specs is exposed. Click any group to expand.
Avito API snapshot date: 25 May 2026. The bundled swaggers (
./swaggers/) reflect Avito's public API as of that date. Avito occasionally adds or revises endpoints — if you spot drift (404 on a known method, new method missing), open an issue and we'll bump the snapshot.
items_get_items_info — list your listings (pagination, status, category filters)items_get_item_info — full details of one listingitems_post_calls_stats — call statistics per item per dayitems_post_vas_prices — promotion service prices for given itemsitems_post_item_stats_shallow — basic views/contacts/calls over a perioditems_post_item_analytics — extended analytics with grouping & sortingitems_post_account_spendings — spend breakdown by service typeitems_update_price ⚠️ — change listing priceitems_put_item_vas ⚠️ — apply one paid VAS serviceitems_put_item_vas_package_v2 ⚠️ — apply a VAS packageitems_apply_vas ⚠️ — apply multiple VAS slugs at oncemessenger_get_chats_v2 — list chats (filters: unread, item_ids, chat_types)messenger_get_chat_by_id_v2 — details of one chatmessenger_get_messages_v3 — message history in a chat (paginated)messenger_get_voice_files — download URLs for voice messagesmessenger_get_subscriptions — current webhook subscriptionsmessenger_post_send_message ⚠️ — send a real text reply to a customermessenger_post_send_image_message ⚠️ — send an image (use upload first)messenger_upload_images — multipart upload, returns image_idsmessenger_delete_message ⚠️ — delete a messagemessenger_chat_read — mark all unread in a chat as readmessenger_post_blacklist_v2 ⚠️ — block users (with reason codes)messenger_post_webhook_v3 ⚠️ — subscribe to push notifications (needs public URL)messenger_post_webhook_unsubscribe — unsubscribemessenger_get_webhook_events — drain events received by the built-in webhook receivermessenger_get_webhook_status — receiver stats: retained / total received / last receivedmessenger_register_webhook ⚠️ — subscribe the configured public URL with Avito in one callorders_get_orders — list orders with filtersorders_get_courier_delivery_range — available courier time slotsorders_download_label — fetch generated label PDForders_markings ⚠️ — submit "Честный знак" (mandatory product marking)orders_accept_return_order ⚠️ — choose Russian Post office for returnorders_apply_transition ⚠️ — change order status (confirm/ship/cancel)orders_check_confirmation_code — verify pickup codeorders_cnc_set_details ⚠️ — click-and-collect order detailsorders_set_courier_delivery_range ⚠️ — pick a courier time slotorders_set_tracking_number ⚠️ — set carrier tracking numberorders_generate_labels — generate labels (≤100 orders)orders_generate_labels_extended — generate labels (≤1000 orders)XML/YML/CSV feed uploads, report retrieval, ID mapping, category schema lookup. Includes both v1 (deprecated, kept for compatibility) and v2/v3.
autoload_upload ⚠️ — trigger a feed upload (rate-limited to 1/hour)autoload_get_profile_v2, autoload_create_or_update_profile_v2 ⚠️ — manage feed profileautoload_get_reports_v2 — list upload reports with paginationautoload_get_report_by_id_v3, autoload_get_last_completed_report_v3 — report detailsautoload_get_report_items_by_id, autoload_get_report_items_fees_by_id — per-item resultsautoload_get_ad_ids_by_avito_ids, autoload_get_avito_ids_by_ad_ids — ID mappingautoload_user_docs_tree, autoload_user_docs_node_fields — category schema referenceAvito's logistics partner API for delivery service providers. Most users will never call these — they're for shipping companies integrating with Avito Delivery. Includes both production endpoints and sandbox endpoints for partner testing. Full list in the source: src/domains/delivery.ts.
cpa_*cpa_target_get_bids, cpa_target_save_auto_bid ⚠️, cpa_target_save_manual_bid ⚠️, …cpa_auction_get_user_bids, cpa_auction_save_item_bids ⚠️user_get_user_info_self, user_get_user_balance, user_post_operations_historystock_get_stocks_info, stock_update_stocks ⚠️reviews_get_reviews_v1, reviews_create_review_answer_v1 ⚠️, reviews_remove_review_answer_v1 ⚠️, reviews_get_ratings_info_v1auth_get_access_token (debug; the server manages tokens automatically), auth_get_access_token_authorization_code, auth_refresh_access_token_authorization_codemeta_get_rate_limits — observe X-RateLimit-* across all domains⚠️ marks methods that spend real money or affect live data (price changes, paid promotion, customer-facing messages, blocked users). Safe read-only smoke tools:
user_get_user_balance,items_get_items_info,messenger_get_chats_v2,meta_get_rate_limits.
Beyond tools, the server exposes MCP resources (data your agent can fetch without an API call) and prompts (canned workflows that orchestrate the right tools in the right order).
| URI | Type | What's in it |
|---|---|---|
avito://docs/safety | text/markdown | Safety modes + confirmation guide |
avito://manifest | application/json | Live tool catalogue (risk / domain / title / annotations) |
avito://state/config | application/json | Active config snapshot — secrets redacted |
avito://state/rate-limits | application/json | Latest X-RateLimit-* per Avito domain |
avito://state/pending-actions | application/json | Pending confirmations — subscribable, emits notifications/resources/updated |
avito://webhook/events | application/json | Buffered Avito webhook events — subscribable |
avito://swaggers/{slug} | application/json | One resource per file in swaggers/ (autocomplete via complete) |
Subscribe to avito://state/pending-actions and your client sees every create/confirm/cancel/expire in real time — perfect for UIs that want a "things waiting for human" indicator. Subscribe to avito://webhook/events and the client is notified the moment Avito delivers a new chat event.
| Name | Args | Purpose |
|---|---|---|
avito_daily_overview | days? (default 7) | Balance + active items + spendings (read-only, no confirmation) |
avito_check_unread_chats | limit? (default 20) | Triage unread chats; explicit "don't send / don't blacklist" guard |
avito_safety_report | — | Self-describe via state/config + manifest + docs/safety |
avito_explain_tool | tool_name | Cross-reference one tool's manifest entry + matching swagger |
avito_promote_item | item_id | Gather everything needed before a paid VAS purchase; explicit "не покупай" |
Every tool returns structuredContent alongside the text block — clients can parse Avito responses as JSON without regex:
{ status, ...data, http_status }; legacy/API-owned status is preserved, while http_status is always the HTTP code{ status, http_status, items, count }{ status, http_status, mimeType, sizeBytes, base64 }; text content also keeps base64 for pre-2025-06-18 MCP clients{ error: { type, message, retryable, retryAfter?, httpStatus? }, error_kind } with isError: true — see Structured error taxonomySelected pino events (mode changes, hidden-tool reports, confirmation lifecycle, rate-limit warnings) are forwarded to the client as notifications/message with logger: "avito-mcp", with sensitive fields censored. Clients that adjust verbosity via logging/setLevel work as expected. Pino → stderr is preserved.
Opt-in primitives that make the package safe to use in any automation context — manual chat, scheduled jobs, multi-agent runtimes, server farms — without committing to a specific orchestrator or backend.
Every destructive tool (risk: write | money | public) accepts an optional dryRun: boolean parameter. When true, the tool returns a structured preview of the HTTP request it would have made — no call to Avito. Useful both for human inspection ("what is the agent about to do?") and for agents that want to think before acting.
{
"name": "items_update_price",
"arguments": { "item_id": 12345, "price": 1400, "dryRun": true }
}
→ structuredContent: { dryRun: true, operation: { tool, method, path, ... }, request_preview: { ... } } and fetch is never called.
You can flip the default for the entire server: AVITO_MCP_DRY_RUN_DEFAULT=true or --dry-run. Then every destructive tool short-circuits unless the agent explicitly passes dryRun: false.
Every destructive tool also accepts an optional idempotencyKey: string. The server keeps an in-memory ledger keyed by bounded SHA-256 fingerprints of (tool, key) plus hash(args); long keys are never retained verbatim:
structuredContent.idempotent_replay: true. No second HTTP call.IdempotencyConflictError (the dedupe contract was violated).This is the simplest reliable defence against duplicate sends after retries, crashes, or race conditions between concurrent agents. TTL via AVITO_MCP_IDEMPOTENCY_TTL_SEC (default 1 hour).
All errors return both human text and a machine envelope:
{
"isError": true,
"structuredContent": {
"error": {
"type": "AVITO_RATE_LIMIT",
"message": "Avito API 429 for POST ...",
"retryable": true,
"retryAfter": 60,
"httpStatus": 429
}
}
}
type ∈ AVITO_BAD_REQUEST | AVITO_UNAUTHORIZED | AVITO_FORBIDDEN | AVITO_NOT_FOUND | AVITO_RATE_LIMIT | AVITO_SERVER_ERROR | AVITO_API_ERROR | NETWORK_ERROR | TIMEOUT | CONFIG_ERROR | INTERNAL_ERROR.
Agents can branch on retryable and retryAfter programmatically — no regex over English text.
| Tool | What it returns |
|---|---|
meta_health | Overall health snapshot: version, uptime, capabilities, safety mode, counters (pending actions, idempotency entries, rate-limit snapshots) |
meta_auth_status | OAuth token metadata only — tokenPresent, expiresInSec, last error. The token value is NEVER exposed. With probe: true will attempt a refresh. |
meta_capabilities | Machine-readable config: mode, allow/deny counts, feature flags (dryRun, idempotency, confirmation, hardConfirmation, fileUploads, sensitiveAuthTools) |
All three have strict outputSchema (zod) — clients can validate against the contract.
If you run multiple avito-mcp processes against the same token file (cron + chat + CLI), they never hit Avito's /token endpoint in parallel. The first to acquire {tokenFile}.lock refreshes; the rest wait, then read the freshly-refreshed token from disk. Ownership-checked leases reclaim dead/corrupt locks without stealing a live process's lock. Tunable via AVITO_MCP_TOKEN_LOCK_TIMEOUT_MS (default 30s).
Convenience shortcuts that translate to env vars (env wins if both set):
avito-mcp --readonly # AVITO_MCP_MODE=read_only
avito-mcp --guarded # AVITO_MCP_MODE=guarded
avito-mcp --dry-run # AVITO_MCP_DRY_RUN_DEFAULT=true
avito-mcp --no-confirmation # AVITO_MCP_CONFIRMATION_MODE=off
avito-mcp --http | --both # AVITO_MCP_TRANSPORT=http | both
avito-mcp --health # print JSON health snapshot and exit
--health does not start the server; it is a local configuration/capability diagnostic, not a liveness probe for an already running process. The bundled Docker image checks PID 1 in stdio mode and the live /readyz endpoint in HTTP/webhook mode. For Kubernetes or a supervisor, probe:
/readyz returns 200 only while the listener is open, HTTP-mode Avito credentials are complete, the token state directory is writable, the OAuth store lease is healthy, and configured webhook persistence has not failed. Its public body remains only { "ok": boolean }.
httpGet:
path: /readyz
port: 3000
By default avito-mcp speaks stdio — perfect for a local client. It can also run as a remote MCP server: the same 148 tools served over the network via Streamable HTTP, so a hosted agent, a team, or a phone-based client can connect to one shared instance. Access is gated by OAuth 2.1 (authorization-code + PKCE + Dynamic Client Registration), with a human-in-the-loop consent screen.
AVITO_MCP_TRANSPORT=http # stdio (default) | http | both (CLI: --http)
AVITO_MCP_HTTP_HOST=127.0.0.1 # loopback by default; TLS is the proxy's job
AVITO_MCP_HTTP_PORT=3000
AVITO_MCP_HTTP_PUBLIC_URL=https://mcp.example.com # your public TLS domain, NO trailing slash
AVITO_MCP_HTTP_AUTH=oauth # oauth (default) | bearer | none
AVITO_MCP_OAUTH_OWNER_PASSWORD=… # REQUIRED, random, at least 32 bytes
# Client_id / Client_secret / Profile_id as usual (the Avito credentials the remote server acts with)
both runs stdio and HTTP at once — handy when one process serves a local client and a remote one simultaneously.
/.well-known/oauth-protected-resource/mcp (the RFC 9728 path-suffixed URL the 401's WWW-Authenticate header points to), discovers the authorization server, and reads /.well-known/oauth-authorization-server.POST /register) — no manual client setup./authorize in a browser./authorize by entering AVITO_MCP_OAUTH_OWNER_PASSWORD. This is the gate — without the owner password no token is ever issued, and the approval endpoint is rate-limited against brute force./token for a bearer token (TTL AVITO_MCP_OAUTH_TOKEN_TTL_SEC, default 3600s), and that token guards every /mcp request.Tokens are accepted only with the exact avito:mcp scope and this deployment's exact resource URL; each MCP session is bound to the OAuth principal that initialized it. Consent transactions and authorization codes are one-time and short-lived.
| Endpoint | Purpose |
|---|---|
/mcp | Streamable HTTP MCP transport (the tools) |
/.well-known/oauth-authorization-server | OAuth 2.1 AS metadata |
/.well-known/oauth-protected-resource/mcp | Resource-server metadata for /mcp (RFC 9728 path-suffixed) |
/authorize | Consent screen — human enters the owner password (rate-limited) |
/token | Authorization-code → bearer token exchange |
/register | Dynamic Client Registration (DCR) |
/revoke | Token revocation (RFC 7009) |
/healthz | Liveness probe (no auth — answers only {ok, name, version}) |
/readyz | Readiness probe (no auth — answers only {ok}) |
| Variable | Default | Meaning |
|---|---|---|
AVITO_MCP_TRANSPORT | stdio | stdio | http | both (CLI flag --http) |
AVITO_MCP_HTTP_HOST | 127.0.0.1 | Bind address — keep it loopback behind a proxy |
AVITO_MCP_HTTP_PORT | 3000 | Listen port |
AVITO_MCP_HTTP_PUBLIC_URL | — | Public TLS base used to build OAuth issuer / resource metadata. No trailing slash. |
AVITO_MCP_HTTP_AUTH | oauth | oauth | bearer | none |
AVITO_MCP_OAUTH_OWNER_PASSWORD | — | Required in oauth mode; at least 32 bytes. Gates /authorize — the only secret that mints a token. |
AVITO_MCP_OAUTH_TOKEN_TTL_SEC | 3600 | Issued bearer-token lifetime |
AVITO_MCP_OAUTH_STORE_FILE | — | Optional durable token/client store. It has an exclusive process lease: one running server per file |
AVITO_MCP_HTTP_AUTH_TOKEN | — | bearer mode: shared secret(s), comma-separated; each at least 32 bytes |
AVITO_MCP_HTTP_ALLOW_NO_AUTH | 0 | Allow auth=none on a non-loopback host (discouraged) |
AVITO_MCP_HTTP_ALLOWED_HOSTS | derived | CSV — DNS-rebinding protection (accepted Host values). Derived from public URL + bind address; an under-specified wildcard bind fails startup |
AVITO_MCP_HTTP_ALLOWED_ORIGINS | derived | CSV — accepted Origin values. Same fail-closed derivation as above |
AVITO_MCP_HTTP_MAX_SESSIONS | 100 | Max concurrent Streamable HTTP sessions — initialize beyond it → 503 |
AVITO_MCP_HTTP_SESSION_IDLE_SEC | 1800 | Sessions idle longer than this are reaped (clients that vanished without DELETE) |
Security model. Node binds
127.0.0.1by default and speaks plain HTTP. TLS is terminated by a reverse proxy (nginx / Caddy) on your domain, which forwards tohttp://127.0.0.1:3000. Never expose port 3000 directly to the internet. Host/Origin validation protects MCP and OAuth routes.auth=noneon a public host is refused unless you setAVITO_MCP_HTTP_ALLOW_NO_AUTH=1.
v1.2.0 migration: OAuth artifacts issued without the exact scope/resource binding are intentionally rejected. Reauthorize affected clients. A configured
AVITO_MCP_OAUTH_STORE_FILEis now single-writer; give each concurrent server its own file.
https://mcp.example.com)Both proxy the MCP endpoint, the OAuth discovery/flow endpoints, and the webhook path, and preserve the Host header (the OAuth metadata is built from it).
server {
listen 443 ssl;
server_name mcp.example.com;
ssl_certificate /etc/letsencrypt/live/mcp.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mcp.example.com/privkey.pem;
# MCP transport + OAuth (discovery, authorize, token, register, revoke) + webhook receiver.
location ~ ^/(mcp|\.well-known/oauth-authorization-server|\.well-known/oauth-protected-resource|authorize|token|register|revoke|avito/webhook|healthz|readyz) {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host $host; # preserve Host — OAuth metadata depends on it
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Streamable HTTP keeps long-lived responses open:
proxy_buffering off;
proxy_read_timeout 3600s;
}
}
mcp.example.com {
# Caddy obtains and renews the TLS cert automatically.
# Caddy preserves the Host header by default (no header_up needed).
reverse_proxy /mcp* http://127.0.0.1:3000
reverse_proxy /.well-known/oauth-authorization-server* http://127.0.0.1:3000
reverse_proxy /.well-known/oauth-protected-resource* http://127.0.0.1:3000
reverse_proxy /authorize* http://127.0.0.1:3000
reverse_proxy /token* http://127.0.0.1:3000
reverse_proxy /register* http://127.0.0.1:3000
reverse_proxy /revoke* http://127.0.0.1:3000
reverse_proxy /avito/webhook* http://127.0.0.1:3000
reverse_proxy /healthz* http://127.0.0.1:3000
reverse_proxy /readyz* http://127.0.0.1:3000
}
If you control both ends and don't need the full OAuth dance, set AVITO_MCP_HTTP_AUTH=bearer and a shared secret:
AVITO_MCP_TRANSPORT=http
AVITO_MCP_HTTP_PUBLIC_URL=https://mcp.example.com
AVITO_MCP_HTTP_AUTH=bearer
AVITO_MCP_HTTP_AUTH_TOKEN=long-random-secret,another-secret # one or more, comma-separated
Clients then send Authorization: Bearer long-random-secret to /mcp. The same reverse-proxy config applies.
Polling messenger_get_chats_v2 works, but for real-time reactions (reply the instant a customer writes) Avito can push events to you. The server ships a built-in receiver: point Avito at a secret URL and every event is buffered for your agent to read.
This works even in pure stdio mode — Avito only needs a public URL to POST to; your MCP client never touches it. (If AVITO_MCP_TRANSPORT=stdio and a webhook secret is set, the server still starts a tiny HTTP listener just for the receiver.)
AVITO_MCP_WEBHOOK_SECRET=… # random, at least 32 bytes
AVITO_MCP_WEBHOOK_PUBLIC_URL=https://mcp.example.com # public base Avito POSTs to (defaults to the HTTP public URL)
# AVITO_MCP_WEBHOOK_PATH=/avito/webhook # default
# AVITO_MCP_WEBHOOK_BUFFER=100 # ring-buffer size (events kept in memory)
# AVITO_MCP_WEBHOOK_LOG_FILE=/var/lib/avito-mcp/webhook-events.jsonl
Avito then delivers to:
POST {AVITO_MCP_WEBHOOK_PUBLIC_URL}{AVITO_MCP_WEBHOOK_PATH}/{AVITO_MCP_WEBHOOK_SECRET}
→ 200 {"ok":true} (answered in well under Avito's 2-second deadline)
The secret is part of the path, so the URL is unguessable — that's the auth. Generate at least 32 random bytes. The URL must be public HTTPS. Both webhook registration tools accept only the exact receiver URL derived from operator configuration; an agent cannot redirect future messages to an arbitrary host. Their dry-run output redacts the secret URL.
| Variable | Default | Meaning |
|---|---|---|
AVITO_MCP_WEBHOOK_SECRET | — | Enables the receiver; random path segment of at least 32 bytes. Required — without it the receiver stays disabled |
AVITO_MCP_WEBHOOK_ENABLED | 1 when a secret is set | Explicit toggle: set 0 to disable without unsetting the secret. 1 without a secret does nothing (warned at startup) |
AVITO_MCP_WEBHOOK_PUBLIC_URL | (HTTP public URL) | Public base Avito POSTs to |
AVITO_MCP_WEBHOOK_PATH | /avito/webhook | Path prefix before the secret segment |
AVITO_MCP_WEBHOOK_BUFFER | 100 | In-memory ring-buffer size |
AVITO_MCP_WEBHOOK_LOG_FILE | — | Optional 0600 JSONL containing normalized metadata only (no message text/raw payload); rotates at 10 MiB and retains one backup |
| Surface | What it gives you |
|---|---|
messenger_get_webhook_events (tool, read) | Drain buffered events — filter by chat_id, since, limit |
messenger_get_webhook_status (tool, read) | Receiver stats: retained / total received / last received at / buffer size |
messenger_register_webhook (tool, ⚠️ public) | Subscribe only the operator-configured public URL with Avito; confirmed by default |
avito://webhook/events (resource, subscribable) | The same events as an MCP resource; resources/subscribe for live push to your client |
A typical loop: subscribe to avito://webhook/events, and on each notifications/resources/updated read the new event, draft a reply, and (after confirmation) send it with messenger_post_send_message.
The JSON snippet from the Quick Start section above works in every MCP-compatible client — only the path to the config file changes. Pick yours below:
| OS | Path |
|---|---|
| macOS | ~/Library/Application Support/Claude/claude_desktop_config.json |
| Windows | %APPDATA%\Claude\claude_desktop_config.json |
| Linux | ~/.config/Claude/claude_desktop_config.json |
Create the file if it doesn't exist; otherwise add the avito entry to the existing mcpServers block. Fully quit Claude Desktop (system tray) and reopen — a 🔌 avito indicator should appear at the bottom of the chat.
Logs: ~/Library/Logs/Claude/mcp-server-avito.log (macOS).
Easiest — one command:
claude mcp add avito npx -y avito-mcp \
-e Client_id=YOUR_CLIENT_ID \
-e Client_secret=YOUR_CLIENT_SECRET \
-e Profile_id=YOUR_PROFILE_ID
Or add .mcp.json to your project root (use the JSON from Quick Start, plus "type": "stdio"). Verify with claude mcp list.
Path: ~/.cursor/mcp.json (global) or <project>/.cursor/mcp.json (per-project). Use the Quick Start JSON as-is. Reload window after saving (Cmd/Ctrl + Shift + P → "Reload Window").
OpenAI's Desktop app added MCP server support via the Connectors UI. Settings → Connectors → Add custom MCP server → fill in:
Avitostdionpx-y avito-mcpClient_id, Client_secret, Profile_idPath: ~/.codeium/windsurf/mcp_config.json. Use the Quick Start JSON. Alternative: Settings → Cascade → MCP Servers → Add Server (UI).
In VS Code: Cline icon → ⚙️ → MCP Servers → Edit cline_mcp_settings.json.
| OS | Path |
|---|---|
| macOS | ~/Library/Application Support/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json |
| Windows | %APPDATA%\Code\User\globalStorage\saoudrizwan.claude-dev\settings\cline_mcp_settings.json |
| Linux | ~/.config/Code/User/globalStorage/saoudrizwan.claude-dev/settings/cline_mcp_settings.json |
Use the Quick Start JSON. Cline auto-reloads without VS Code restart.
Add to ~/.continue/config.json:
{
"experimental": {
"modelContextProtocolServers": [
{
"transport": {
"type": "stdio",
"command": "npx",
"args": ["-y", "avito-mcp"],
"env": { "Client_id": "...", "Client_secret": "...", "Profile_id": "..." }
}
}
]
}
}
Open Settings (Cmd+,), find the context_servers block:
Documentation truncated — see the full README on GitHub.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.